Why the investment in Security Tools isn’t winning the cyber war

We’ve seen many recent news stories about data theft, destruction, and security breaches in some of the world’s most high profile private companies and public sector bodies. Almost certainly all of these organizations have invested significantly in Security Tools to stop unauthorized ingress into their networks and information systems. So why has this investment been seemingly so ineffective?

Unknowing 5th columnists

Okay. I’m going to make something clear here: I’m not saying every organization has a group of individuals whose purpose is to deliberately undermine the company they work for. That said, the days of people turning up to work, making themselves a cup of coffee, logging onto the centrally provisioned computer, and only moving to visit the rest room or go to lunch are long gone.

The flexibility that workers need and that the business or public sector body demands means that workers now connect on a proliferation of devices, some under Corporate Compliance and some not. It’s not possible, or perhaps even desirable, to stop this behavior, as doing so may have detrimental side effects on the user’s productivity.

So, things you don’t want in your environment will get into your environment. Once you accept this fact, then you need to think about ways of reducing the potential damage that can be done and react faster.

Not keeping your systems patched

All software and applications have security weaknesses, and new weaknesses and exploits are being discovered all the time. The very nature of disclosure and the way these vulnerabilities are discovered means that this information is always in the public domain. This means it will be picked up and used by individuals and organizations with malicious intent towards your organization.

Software vendors regularly release patches to close these weaknesses and exploits, but some businesses’ IT functions lack the agility to get these patches deployed in a timely manner. 1E’s Nomad Solution works in conjunction with Microsoft System Center Configuration Manager to ensure software updates are delivered in a reliable and robust way. Nomad features like Fanout Mode and Single Site Download ensure that once software has been delivered to at least one system on the subnet or site, it propagates quickly. All this is achieved with no additional investment in the physical infrastructure.

Not replacing older software

We still hear stories of many organizations running obsolete Operating Systems and software, and there are inherent security risks in continuing to do so. Firstly, if the software is no longer supported by the vendor, it’s unlikely that the vendor is putting any effort into writing proactive patches to improve the reliability or security of this software. As previously stated, new vulnerabilities and exploits are being found all the time. When they enter the public domain, the vendor’s focus is plugging the holes in their supported code base, not the “no-longer supported” code base.

1E’s Software Management Solution AppClarity can empower organizations to understand what software is currently installed and is being used in the environment. Through Automated Reclaim, we’re able to proactively remove unused, deprecated, or superseded software, thus significantly reducing one of the key attack vectors used by hackers.

Secondly, when we look at Windows 10, Microsoft has invested significant effort in hardening this version from the ground up. There are lots of new and updated security features in this iteration of the Operating System which will enable the organization to start from a really secure base. The 1E Windows Servicing Suite enables organizations to fully, efficiently, and speedily automate the transition from Windows 7 to Windows 10 while also ensuring we carry out the physical security preparation to guarantee you fully leverage these new and improved Windows 10 security features.

We’re always fighting the last war

There’s no doubt that businesses are now fighting an ongoing cyber war. The very nature of this conflict means that new threats and weaknesses are being discovered all the time and these weaknesses are being exploited with malicious intent, be that for financial gain or just wanton destruction.

The evolving nature of this conflict means that despite having good tools, people, processes and procedures as mentioned above, there are going to be occasions when this isn’t going to be enough.

For those times, businesses need to react fast, need to investigate, need to assess the risk and mitigate until the vulnerability can be properly addressed or the active exploitation properly expunged. Fortunately, there’s a whole community of heroes out there in the wider world who do a great job of assessing and understanding these vulnerabilities and exploitation as soon as they enter the wild. The information and analysis they produce are put into the public domain very rapidly.

This information then enables organizations to start their investigation, assessment, and even mitigation. The problem is that traditional systems management isn’t up to the job of actually doing this. The 1E Tachyon Product enables organizations to investigate, assess, and mitigate in real time across millions of devices. The speed and scale of the solution will thus enable businesses to deal with these emerging threats and exploits before they can do any real damage.

So what are the conclusions here?

Dealing effectively with the existential threat posed by the cyber war is going to take a sea change from businesses and public sector organizations. The approach will have to switch from a purely tactical approach to a more holistic and strategic approach, whereby organizations take full responsibility for the overall health of their environments, ensuring IT has the automation tools, people, processes and procedures to drive through the required change and also has the ability to react a lot faster to future events.

1E is uniquely placed to help organizations thrive and survive the cyber war. Our tools help organizations drive automation and day-to-day operations to ensure your IT infrastructure stays healthy and current. 1E also provides tools to ensure IT organizations can react and respond to the latest vulnerabilities and exploitation in real time, helping significantly reduce the damage that could and can be caused.